CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2001

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1101 CVE-2001-0680 Dir. Trav. 2001-09-20 2017-10-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST (ls) command.
1102 CVE-2001-0681 DoS Overflow 2001-09-20 2017-12-19
5.0
None Remote Low Not required None None Partial
Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password.
1103 CVE-2001-0683 DoS 2001-09-20 2017-12-19
5.0
None Remote Low Not required None None Partial
Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238.
1104 CVE-2001-0684 DoS 2001-09-20 2017-12-19
5.0
None Remote Low Not required None None Partial
Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239.
1105 CVE-2001-0687 2001-09-20 2017-12-19
5.0
None Remote Low Not required Partial None None
Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename).
1106 CVE-2001-0688 DoS 2001-09-20 2008-09-05
5.0
None Remote Low Not required None None Partial
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.
1107 CVE-2001-0693 2001-09-20 2017-12-19
5.0
None Remote Low Not required Partial None None
WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20).
1108 CVE-2001-0695 DoS 2001-09-20 2017-12-19
5.0
None Remote Low Not required None None Partial
WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by making repeated requests to cd to the floppy drive (A:\).
1109 CVE-2001-0696 DoS 2001-09-20 2017-10-10
5.0
None Remote Low Not required None None Partial
NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con.
1110 CVE-2001-0697 DoS 2001-09-20 2017-10-10
5.0
None Remote Low Not required None None Partial
NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a denial of service (crash) via an 'ls ..' command.
1111 CVE-2001-0698 Dir. Trav. 2001-09-20 2017-10-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command.
1112 CVE-2001-0703 DoS 2001-09-20 2017-12-19
5.0
None Remote Low Not required None None Partial
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter.
1113 CVE-2001-0705 Dir. Trav. 2001-09-20 2017-12-19
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument.
1114 CVE-2001-0707 DoS 2001-09-20 2017-12-19
5.0
None Remote Low Not required None None Partial
Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service (crash) via a long string to port 514.
1115 CVE-2001-0708 DoS 2001-09-20 2017-12-19
5.0
None Remote Low Not required None None Partial
Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string.
1116 CVE-2001-0709 2001-09-20 2017-12-19
5.0
None Remote Low Not required Partial None None
Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.
1117 CVE-2001-0710 DoS 2001-09-20 2017-10-10
5.0
None Remote Low Not required None None Partial
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.
1118 CVE-2001-0711 DoS 2001-08-31 2017-12-19
5.0
None Remote Low Not required None None Partial
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.
1119 CVE-2001-0716 DoS 2001-12-06 2017-10-10
5.0
None Remote Low Not required None None Partial
Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server.
1120 CVE-2001-0721 DoS 2001-12-06 2018-10-12
5.0
None Remote Low Not required None None Partial
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request.
1121 CVE-2001-0729 Bypass 2001-10-30 2021-06-06
5.0
None Remote Low Not required None None Partial
Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
1122 CVE-2001-0730 2001-10-30 2021-06-06
5.0
None Remote Low Not required None Partial None
split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
1123 CVE-2001-0731 Bypass 2001-10-01 2021-06-06
5.0
None Remote Low Not required Partial None None
Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
1124 CVE-2001-0738 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages.
1125 CVE-2001-0740 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability.
1126 CVE-2001-0743 DoS 2001-10-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands.
1127 CVE-2001-0745 +Info 2001-10-18 2017-10-10
5.0
None Remote Low Not required Partial None None
Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property.
1128 CVE-2001-0748 20 2001-10-18 2017-07-11
5.0
None Remote Low Not required Partial None None
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.
1129 CVE-2001-0750 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
1130 CVE-2001-0752 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
1131 CVE-2001-0754 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
1132 CVE-2001-0760 2001-10-18 2017-10-10
5.0
None Remote Low Not required Partial None None
Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field.
1133 CVE-2001-0767 Dir. Trav. 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET.
1134 CVE-2001-0769 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character.
1135 CVE-2001-0773 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial of service (crash) via a series of SYN or TCP connect requests.
1136 CVE-2001-0776 DoS Overflow 2001-10-18 2017-12-19
5.0
None Remote Low Not required None None Partial
Buffer overflow in DynFX MailServer version 2.10 allows remote attackers to conduct a denial of service via a long username to the POP3 service.
1137 CVE-2001-0777 DoS 2001-10-18 2017-12-19
5.0
None Remote Low Not required None None Partial
Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts.
1138 CVE-2001-0778 2001-10-18 2017-12-19
5.0
None Remote Low Not required None Partial None
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20).
1139 CVE-2001-0780 22 Dir. Trav. 2001-10-18 2016-05-25
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.
1140 CVE-2001-0783 2001-10-18 2017-12-19
5.0
None Remote Low Not required Partial None None
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command.
1141 CVE-2001-0784 Dir. Trav. 2001-10-18 2017-10-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.
1142 CVE-2001-0785 Dir. Trav. 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack.
1143 CVE-2001-0786 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file.
1144 CVE-2001-0788 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header.
1145 CVE-2001-0790 DoS 2001-10-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a denial of service (CPU exhaustion) via a port scan, which causes the server to consume CPU while preparing alerts.
1146 CVE-2001-0791 2001-10-18 2008-09-05
5.0
None Remote Low Not required None Partial None
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access.
1147 CVE-2001-0794 DoS Overflow 2001-10-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER command.
1148 CVE-2001-0795 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Perception LiteServe 1.25 allows remote attackers to obtain source code of CGI scripts via URLs that contain MS-DOS conventions such as (1) upper case letters or (2) 8.3 file names.
1149 CVE-2001-0796 DoS 2001-12-06 2017-10-10
5.0
None Remote Low Not required None None Partial
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.
1150 CVE-2001-0804 Dir. Trav. 2001-12-06 2017-10-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter.
Total number of vulnerabilities : 1677   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (This Page)24 25 26 27 28 29 30 31 32 33 34
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.